playground/encryption_demo/test.bash

#!/bin/bash

# Generate RSA key pairs for Alice, Bob, and Ken
echo "Generate keys"
openssl genrsa -out keys/alice_private.pem 2048
openssl rsa -in keys/alice_private.pem -pubout -out keys/alice_public.pem

openssl genrsa -out keys/bob_private.pem 2048
openssl rsa -in keys/bob_private.pem -pubout -out keys/bob_public.pem

openssl genrsa -out keys/ken_private.pem 2048
openssl rsa -in keys/ken_private.pem -pubout -out keys/ken_public.pem

# Create a simple message file
echo "Hello, Alice! This is a secure message from Bob." > msg/message.txt

echo "Signing"
# Bob signs the message
openssl dgst -sha256 -sign keys/bob_private.pem -out msg/message.sig msg/message.txt

echo "Encrypt"
# Generate a symmetric AES key
openssl rand -base64 32 > msg/symmetric.key

# Encrypt the message and the signature with the symmetric key
openssl enc -aes-256-cbc -salt -pbkdf2 -iter 100000 -in msg/message.txt -out enc/message_enc.txt -pass file:msg/symmetric.key
openssl enc -aes-256-cbc -salt -pbkdf2 -iter 100000 -in msg/message.sig -out enc/signature_enc.txt -pass file:msg/symmetric.key

# Encrypt the symmetric key with Alice's public RSA key
openssl rsautl -encrypt -inkey keys/alice_public.pem -pubin -in msg/symmetric.key -out enc/symmetric_enc.key

echo "Decrypt"
# Alice decrypts the symmetric key with her private RSA key
openssl rsautl -decrypt -inkey keys/alice_private.pem -in enc/symmetric_enc.key -out dec/symmetric_dec.key

# Alice decrypts the message and the signature with the symmetric key
openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -in enc/message_enc.txt -out dec/message_dec.txt -pass file:dec/symmetric_dec.key
openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -in enc/signature_enc.txt -out dec/signature_dec.sig -pass file:dec/symmetric_dec.key

echo "Verify"
# Alice verifies the signature from Bob
if openssl dgst -sha256 -verify keys/bob_public.pem -signature dec/signature_dec.sig dec/message_dec.txt; then
    echo "Signature verification successful: The message is from Bob."
else
    echo "Signature verification failed: The message is not from Bob."
fi

# Attempt to verify the message as if it came from Ken
if openssl dgst -sha256 -verify keys/ken_public.pem -signature dec/signature_dec.sig dec/message_dec.txt; then
    echo "Signature verification false positive: The message is from Ken."
else
    echo "Signature verification correctly failed: The message is not from Ken."
fi
encryption demo 2024-08-26 21:21:46 -04:00			`#!/bin/bash`

			`# Generate RSA key pairs for Alice, Bob, and Ken`
			`echo "Generate keys"`
			`openssl genrsa -out keys/alice_private.pem 2048`
			`openssl rsa -in keys/alice_private.pem -pubout -out keys/alice_public.pem`

			`openssl genrsa -out keys/bob_private.pem 2048`
			`openssl rsa -in keys/bob_private.pem -pubout -out keys/bob_public.pem`

			`openssl genrsa -out keys/ken_private.pem 2048`
			`openssl rsa -in keys/ken_private.pem -pubout -out keys/ken_public.pem`

			`# Create a simple message file`
			`echo "Hello, Alice! This is a secure message from Bob." > msg/message.txt`

			`echo "Signing"`
			`# Bob signs the message`
			`openssl dgst -sha256 -sign keys/bob_private.pem -out msg/message.sig msg/message.txt`

			`echo "Encrypt"`
			`# Generate a symmetric AES key`
			`openssl rand -base64 32 > msg/symmetric.key`

			`# Encrypt the message and the signature with the symmetric key`
			`openssl enc -aes-256-cbc -salt -pbkdf2 -iter 100000 -in msg/message.txt -out enc/message_enc.txt -pass file:msg/symmetric.key`
			`openssl enc -aes-256-cbc -salt -pbkdf2 -iter 100000 -in msg/message.sig -out enc/signature_enc.txt -pass file:msg/symmetric.key`

			`# Encrypt the symmetric key with Alice's public RSA key`
			`openssl rsautl -encrypt -inkey keys/alice_public.pem -pubin -in msg/symmetric.key -out enc/symmetric_enc.key`

			`echo "Decrypt"`
			`# Alice decrypts the symmetric key with her private RSA key`
			`openssl rsautl -decrypt -inkey keys/alice_private.pem -in enc/symmetric_enc.key -out dec/symmetric_dec.key`

			`# Alice decrypts the message and the signature with the symmetric key`
			`openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -in enc/message_enc.txt -out dec/message_dec.txt -pass file:dec/symmetric_dec.key`
			`openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -in enc/signature_enc.txt -out dec/signature_dec.sig -pass file:dec/symmetric_dec.key`

			`echo "Verify"`
			`# Alice verifies the signature from Bob`
			`if openssl dgst -sha256 -verify keys/bob_public.pem -signature dec/signature_dec.sig dec/message_dec.txt; then`
			`echo "Signature verification successful: The message is from Bob."`
			`else`
			`echo "Signature verification failed: The message is not from Bob."`
			`fi`

			`# Attempt to verify the message as if it came from Ken`
			`if openssl dgst -sha256 -verify keys/ken_public.pem -signature dec/signature_dec.sig dec/message_dec.txt; then`
			`echo "Signature verification false positive: The message is from Ken."`
			`else`
			`echo "Signature verification correctly failed: The message is not from Ken."`
			`fi`